From: Brian on
On Wed 04 Aug 2010 at 10:53:42 +0200, Wolodja Wentland wrote:

> chkrootkit - rootkit detector
> rkhunter - rootkit, backdoor, sniffer and exploit scanner

If chkrootkit really did detect worms like Lupper, Lion
and Adore (as opposed to the false positives both programs
appear fond of generating) the user should take a close
look at the Debian release he is using.

My problem with software like this is that it gives the
impression of providing security over and above what the
normal updating procedure provides.



--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
Archive: http://lists.debian.org/20100804142447.GI26887(a)desktop
From: Jordon Bedwell on
On 8/4/2010 9:24 AM, Brian wrote:
> On Wed 04 Aug 2010 at 10:53:42 +0200, Wolodja Wentland wrote:
>
>> chkrootkit - rootkit detector
>> rkhunter - rootkit, backdoor, sniffer and exploit scanner
>
> If chkrootkit really did detect worms like Lupper, Lion
> and Adore (as opposed to the false positives both programs
> appear fond of generating) the user should take a close
> look at the Debian release he is using.
>
> My problem with software like this is that it gives the
> impression of providing security over and above what the
> normal updating procedure provides.
>
>
>

Because a rootkit can't remain hidden and inject itself back into the
binary after a "security update" right? I mean it's never happened
before, that's why Tripwire doesn't exist...Or because apt does trigger
checks and validates once after the install and then once more a few
minutes later to trigger integrity violations? Or because doing a
security update on grub will remove a rootkit in your system that will
just inject itself back into the boot? All this is just figments of our
imagination and it's impossible for any of this to happen because all
you have to do is apt-get upgrade and you'll be legit.


--
Archive: http://lists.debian.org/4C59829D.1000509(a)envygeeks.com
From: Brian on
On Wed 04 Aug 2010 at 10:09:17 -0500, Jordon Bedwell wrote:

> Because a rootkit can't remain hidden and inject itself back into the
> binary after a "security update" right?

Correct. It wouldn't be there in the first place and I don't plan on
having my root account compromised. Besides, I know my system.

> I mean it's never happened
> before, that's why Tripwire doesn't exist...Or because apt does trigger
> checks and validates once after the install and then once more a few
> minutes later to trigger integrity violations? Or because doing a
> security update on grub will remove a rootkit in your system that will
> just inject itself back into the boot? All this is just figments of our
> imagination and it's impossible for any of this to happen because all
> you have to do is apt-get upgrade and you'll be legit.

You're speaking hypothetically. When rootkits with these capabilities
exist neither chkrootkit nor rkhunter will detect them. By the time
they get round to it my updates will have brought in the fixes, just
as they did when Lion, which chkrootkit spuriously claims to defend
me against, was about.


--
Archive: http://lists.debian.org/20100804174319.GL26887(a)desktop
From: Nuno Magalhães on
On Wed, Aug 4, 2010 at 18:43, Brian <ad44(a)cityscape.co.uk> wrote:
> Besides, I know my system.

Famous last words... ;)

--
()  ascii-rubanda kampajno - kontraŭ html-a retpoŝto
/\  ascii ribbon campaign - against html e-mail


--
Archive: http://lists.debian.org/AANLkTimKv?C1s1o457XMKdjGSVKnwehaavzMsW72sv(a)mail.gmail.com
From: Eero Volotinen on
2010/8/4 Tingez Unknown <tingez(a)twf-clan.co.uk>:
> Hi all Debian people,
>
> Firstly i am very new to Debian so please excuse me for my lack of
> understanding. I have recently got a Dedicated server box for my gaming Clan
> and have had Debian 5 64bit installed on it. Now as we will eventually be
> using the server for our web site for forums, Emails, sending and receiving
> files and all other aspects web site related, fast redirect downloading
> system for game server maps, mods etc., ftp, Big brother bot game server
> software and game servers of varying games.
>
> I am looking for any suggestions regarding Anti virus and firewall software
> that is suitable with your Debian 5 64bit operating system. Wanting to add
> as much security as possible to our server to reduce any problems we may
> encounter. I would like any suggestions as to the best software that can be
> used either paid for or freeware if you would be so kind.

See CIS instructions for Debian, bit old but still working:

http://cisecurity.org/en-us/?route=downloads.show.single.debian.100

--
Eero


--
Archive: http://lists.debian.org/AANLkTi=ygy6fLbkX7iQKgWtiKOaJLHzVv0jw2rurQM7c(a)mail.gmail.com